<!--

    This file is part of Eclipse Steady.

    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at

        http://www.apache.org/licenses/LICENSE-2.0

    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.

    SPDX-License-Identifier: Apache-2.0
    SPDX-FileCopyrightText: Copyright (c) 2018-2020 SAP SE or an SAP affiliate company and Eclipse Steady contributors

-->
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>

<head>
	<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
	<title>Eclipse Steady - Analysis Report</title>
	<link rel="stylesheet" type="text/css" href="https://fonts.googleapis.com/css?family=Open+Sans:400,600,600italic,400italic,300italic,300">
	<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css">
	<style type="text/css">
		html {
			box-sizing: border-box;
		}

		a {
			color: #4062bb;
		}

		a:hover {
			color: #96a9d9;
		}

		body {
			font-family: 'Open Sans', sans-serif;
			margin: 0;
			padding: 0;
			background: #393e41;
			padding-bottom: 2em;
		}

		summary {
			font-size: 1.2em;
		}

		.configurations {
			width: 100%;
			cellspacing: 0;
			cellpadding: 0;
		}

		.configurations td {
			padding: 10px;
		}

		#backToTop {
			border: none;
			position: fixed;
			bottom: 50px;
			float: right;
			right: 5%;
			left: 95%;
			max-width: 40px;
			width: 100%;
			font-size: 15px;
			background-color: #393e41;
			padding: .5px;
		}

		#backToTop svg {
			fill: white;
			stroke: black;
			stroke-linecap: butt;
			overflow: visible;
			stroke-width: 0.6px;
		}

		#backToTop svg:hover {
			opacity: 50%;
		}

		details>summary::-webkit-details-marker {
			display: inline;
		}

		*,
		*:before,
		*:after {
			box-sizing: inherit;
		}

		.container {
			padding: 0 0;
		}

		.report {
			margin: 18px auto;
			max-width: 85%;
		}

		.report-card {
			background: #ffffff;
			padding: 2em;
		}

		.header {
			background: #393e41;
			color: #ffffff;
			margin: 0 0px 0px 0px;
			padding: 16px 20px;
			position: relative;
		}

		.header img {
			float: left;
			height: 80px;
		}

		.header h1 {
			float: right;
			top: 18px;
			left: 10px;
		}

		.summary {
			padding: 40px;
			color: #393e41;
			background: #ffffff;
			border-bottom: solid 1px #ECEFF1;
		}

		.target-summary {
			padding-left: 20px;
			padding-bottom: -5px;
		}

		.target-summary h3 {
			display: inline;
		}

		table {
			border: none;
		}

		.vulnerabilities {
			padding-right: 30px;
		}

		.vulnerabilities>ul {
			list-style: none;
			padding-bottom: 0;
		}

		.vulnerabilities li {
			margin-bottom: 20px;
		}

		.vulnerability {
			padding-left: 3%;
			margin-bottom: 3px;
		}

		.vulnerability_summary {
			display: inline-block;
		}

		.vulnerability_title {
			padding-bottom: 30px;
			line-height: 75%;
		}

		.vulnerability_title h2 {
			display: inline;
		}

		.vulnerability_title a {
			display: inline;
		}

		.vulnerability_sha {
			color: grey;
			font-style: italic;
		}

		#vulnerability_score_high {
			color: #393e41;
		}

		#vulnerability_score_high:hover {
			color: lightgrey;
		}

		#vulnerability_score_medium {
			color: #393e41;
		}

		#vulnerability_score_medium:hover {
			color: lightgrey;
		}

		.vulnerability_score_high h4 {
			color: #e94f37;
		}

		.vulnerability_score_medium h4 {
			color: #d89e29;
		}

		.apps>ol {
			text-align: left;
		}

		.vulnerable_apps {
			width: 100%;
			border-collapse: collapse;
		}

		.vulnerable_apps tr {
			border-bottom: solid 1px #393e41;
		}

		.vulnerable_apps td {
			border-right: solid 1px #393e41;
			border-left: solid 1px #393e41;
		}

		.vulnerable_apps th {
			border-right: solid 1px #393e41;
			border-left: solid 1px #393e41;
			border-bottom: solid 1px #393e41;
			border-top: solid 1px #393e41;
			text-align: left;
			padding: 5px;
			padding-left: 20px;
		}

		/* Tooltip from http://www.menucool.com/tooltip/css-tooltip# */
		.tooltip {
		    display:inline-block;
		    position:relative;
		    border-bottom:1px dotted #666;
		    text-align:left;
		}

		.tooltip .top {
		    min-width:350px;
		    top:-20px;
		    left:50%;
		    transform:translate(-50%, -100%);
		    padding:10px 20px;
		    color:#444444;
		    background-color:#ffffff;
		    font-weight:normal;
		    font-size:15px;
		    border-radius:8px;
		    position:absolute;
		    z-index:99999999;
		    box-sizing:border-box;
		    box-shadow:0 1px 8px rgba(0,0,0,0.5);
		    visibility:hidden; opacity:0; transition:opacity 0.8s;
		}

		.tooltip:hover .top {
		    visibility:visible; opacity:1;
		}

		.tooltip .top i {
		    position:absolute;
		    top:100%;
		    left:50%;
		    margin-left:-12px;
		    width:24px;
		    height:12px;
		    overflow:hidden;
		}

		.tooltip .top i::after {
		    content:'';
		    position:absolute;
		    width:12px;
		    height:12px;
		    left:50%;
		    transform:translate(-50%,-50%) rotate(45deg);
		    background-color:#EEEEEE;
		    box-shadow:0 1px 8px rgba(0,0,0,0.5);
		}

		.callout {
			z-index: 20;
			position: absolute;
			top: 30px;
			border: 0;
			left: -12px;
		}

		/* Other styles */
		td.descr {
			background-color: #DDDDDD;
			color: black;
			font-size: 75%;
		}

		td.above_threshold {
			background-color: #FF9999;
		}

		td.apps {
			padding: 0px;
			text-align: left;
		}

		h2.build_exception {
			color: #e94f37;
		}

		h2.build_ok {
			color: #9cec5b;
		}

		a {
			text-decoration: none;
		}
	</style>
	<script type="text/javascript">
	//<![CDATA[
	function toggle(_btn, _div) {
		var elem = document.getElementById(_div);

		if(elem.style.display === 'none') {
			elem.style.display = 'block'
			_btn.innerHTML = "-";
		}
		else {
			elem.style.display = 'none'
			_btn.innerHTML = "+";
		}
	}
	//]]>
	</script>
</head>

<body>
	<a name="top"></a>
	<div class="container">
		<div class="header">
			<img alt="Eclipse Steady" src=""/>
			<h2>Eclipse Steady - Analysis Report</h2>
		</div>
		<div class="summary">
			<table class="configurations">
				<tr>
					<td valign="top" width="25%">
						<h2>Generated: </h2>
						<div class="target-summary">
							<span>at: </span><h3>$generatedAt</h3><br>
							<span>with: </span><h3>$generatedWith</h3><br>
							<!--
								Version:         $generatedWith
								Build timestamp: $buildTimestamp
								Build number:    $buildNumber
								Build branch:    $buildBranch
							-->
						</div>

						<h2>Target: </h2>
						<div class="target-summary">
							<span>Workspace: </span><h3>$space.getSpaceToken()</h3><br>
							<span>Group: </span><h3>$app.getMvnGroup()</h3><br>
							<span>Artifact: </span><h3>$app.getArtifact()</h3><br>
							<span>Version: </span><h3>$app.getVersion()</h3><br>
						</div>

						#if($isAggregated)
						<div class="target-summary">
							<span>Aggregated projects ($projects.size())&nbsp;<a href="#" onClick="toggle(this, 'projects')">+</a>
						</div>
						<div class="target-summary" id="projects" style="display: none;">
							<ul>
							#foreach( $prj in $projects)
							<li><span>$prj.getMvnGroup() : $prj.getArtifact() : $prj.getVersion()</span></li>
							#end
							</ul>
						</div>
						#end

						<h2>Links: </h2>
						<div class="target-summary">
							<span><a href="$vulasSharedHomepage/user/manuals" target="_blank">Docs - User Manual</a></span><br>
							<span><a href="$vulasSharedHomepage/user/manuals/assess_and_mitigate" target="_blank">Docs - Assess and Mitigate</a></span><br>
							<span><a href="$vulasSharedHomepage/user/support" target="_blank">Docs - Getting Help</a></span><br>
							<span><a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()" target="_blank">Web Frontend</a></span><br>
						</div>
					</td>
					<td valign="top" width="75%">
						#if($thresholdMet)
						<h2 class="build_ok">Analysis Result: Success</h2>
						#else
						<h2 class="build_exception">Analysis Result: Failure</h2>
						#end						
						<details>
							<br />
							<summary>
							#if($thresholdMet)
								No vulnerabilities, thus, no build exception is thrown
							#else
								$vulnsAboveThreshold.size() vulnerabilities, thus, a build exception is thrown
							#end
							</summary>
							The findings presented below represent archives containing code that is subject to a specific vulnerability.
							Expand to see the vulnerability description and the CVSS score (if any).
							While the first table column indicates that vulnerable code is contained, the other two columns
							show whether that vulnerable code is reachable according to the static and dynamic analyses (if performed using the respective analysis goals).
							#if($isAggregated)
								Hover over the table cells to see the full identifier (GAV) of the affected application project as well as details about the respective dependency.
							#else
								Hover over the table cells to see more details about the dependency.
							#end 
						</details>
						
						<h2>Used Configuration Settings</h2>
						<details>
							<summary>exceptionThreshold: $exceptionThreshold</summary>
							<br />
							Specifies if and when the plugin will throw a build exception.<br /><br />
							Possible values (default: dependsOn):
							<ul>
								<li>noException - no build exception will be thrown, regardless of the analysis results
								<li>dependsOn - an exception will be thrown if at least one application project depends on an archive with known vulnerabilities (typically by declaring a dependency in the POM file)
								<li>potentiallyExecutes - an exception will be thrown if at least one application project can potentially execute vulnerable code (according to static source code analysis).
								<li>actuallyExecutes - an exception will be thrown if at least one application project actually executes vulnerable code during application tests.
							</ul>
						</details>
						<br />

						<details>
							<br />
							<summary>Exempted scopes: $exemptScopes</summary>
							List of scopes that will be ignored (exempted) when deciding whether to throw a build exception.
							<br /><br />Example: vulas.report.exemptScope = test, provided
							<br />Possible values: compile, provided, runtime, test, system
							<br />Default: [test, provided]
						</details>
						<br />

						<details>
							<br />
							<summary>Exempted bugs: $exemptBugs</summary>
							List of security vulnerabilities that will be ignored (exempted) when deciding whether to throw a build exception.
							<br /><br />Example: vulas.report.exemptBug.CVE-2014-0050.reason = Lorem ipsum
							<br />Default: none
							#if( $obsoleteExemptionsHistorical || $obsoleteExemptionsSignatureNotPresent )
							<br /><br />Obsolete exemptions (historical vulnerabilities): $obsoleteExemptionsHistorical
							<br />Obsolete exemptions (signatures of vulnerable code not present): $obsoleteExemptionsSignatureNotPresent
							#end
						</details>
					</td>
				</tr>
			</table>
		</div>

		<section class="report">
			<div>
				<div class="report-card">
					<div id="result" style="display: block;">
						<div class="vulnerabilities">
							<details>
								<summary>
									<h2 style="display: inline-block;">Vulnerabilities ($vulnsAboveThreshold.size())</h2>
								</summary>
								#foreach( $vul in $vulnsAboveThreshold )
								<div class="vulnerability"
								#if     ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 9 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#e94f37"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 8 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#ed6f5b"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 7 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#fb8b24"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 6 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#fb9537"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 5 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#fba04b"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 4 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#f4d35e"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() lt 3 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#bdd358"
								#else style="border-left-style:solid;border-left-width:15px;border-left-color:grey"
								#end >
								<details>
										<summary>
											<div class="vulnerability_summary">
												<div class="vulnerability_title">
													<h2>
														$vul.filename
													</h2>
													affected by
													<h2>
														#if( $vul.bug.getReference().isEmpty() )
														<a class="vulnerability_score_high" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$vul.bug.getBugId()" target="_blank">$vul.bug.getBugId()</a>
														#else
														<a class="vulnerability_score_high" href="$vul.bug.getReference().iterator().next()" target="_blank">$vul.bug.getBugId()</a>
														#end
													</h2>
												</div>
											</div>
										</summary>
										<div>
											Archive Digest: $vul.archiveid
										</div>
										<div>
											CVSS Score:
											<span
												#if     ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 9.0 ) style="color:#e94f37;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 8.0 ) style="color:#ed6f5b;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 7.0 ) style="color:#fb8b24;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 6.0 ) style="color:#fb9537;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 5.0 ) style="color:#fba04b;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 4.0 ) style="color:#f4d35e;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() lt 3 ) style="color:#bdd358;font-weight:bold"
												#else style="color:grey;font-weight:bold"
												#end >
												$vul.bug.getCvssDisplayString()
											</span>
										</div>
										<br />
										<div>
											#if($vul.bug.getDescription())
												$vul.bug.getDescription()
											#end
											#if($vul.bug.getDescriptionAlt())
												$vul.bug.getDescriptionAlt()
											#end
										</div>
										<br />
										<table class="vulnerable_apps">
											<tr>
												<th>Includes vulnerable code</th>
												<th>Potentially executes vulnerable code</th>
												<th>Executes vulnerable code</th>
											</tr>
											<tr>
												<td class="apps">
													<ol>
														#foreach( $analysis in $vul.analyses )
														<li>
															<div class="tooltip">
																<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
																#if($exceptionThreshold=='dependsOn' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
																#elseif($exceptionThreshold=='dependsOn' && $analysis.isThrowsExceptionExcluded()) style="color: #a5b452; font-weight: bold;"
																#else style="color: #393e41; font-weight: bold"
																#end target="_blank">
																	$analysis.getApp().getArtifact()
																</a>
																#if( $analysis.isAffectedVersion() && $analysis.isAffectedVersionConfirmed() )
																<img width="15" alt="Vulnerable"
																	src=""
																/>
																#elseif( $analysis.isNoneAffectedVersion() )
																<img width="15" alt="Not vulnerable"
																	src=""
																/>
																#elseif( !$analysis.isAffectedVersionConfirmed() )
																<img width="15" alt="Unknown"
																	src=""
																/>
																#end
																<div class="top">
																	<strong>Group: </strong>$analysis.getApp().getMvnGroup()<br/>
																	<strong>Artifact: </strong> $analysis.getApp().getArtifact()<br/>
																	<strong>Version: </strong>$analysis.getApp().getVersion()<br/>
																	<strong>Scope: </strong>$analysis.getDep().getScope()<br />
																	<strong>Transitive dependency: </strong>$analysis.getDep().getTransitive()
																	#if( $exceptionThreshold=='dependsOn' && $analysis.isThrowsExceptionExcluded() )
																	<br />A build exception for this finding was suppressed according to the goal configuration
																	#end
																</div>
															</div>
															</li>
														#end
													</ol>
												</td>
												<td class="apps">
													<ol>
														#foreach( $analysis in $vul.analyses )
														#if( !$analysis.isNoneAffectedVersion())
														<li>
															<div class="tooltip">
															<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
															#if( $exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
															#elseif($exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #a5b452; font-weight: bold;"
															#else style="color: #393e41; font-weight: bold"
															#end target="_blank">
																$analysis.getApp().getArtifact()
															</a>
															#if( $analysis.isReachable() )
																<img width="15" alt="Reachable"
																src=""
															/>
															#elseif( $analysis.isNotReachable() )
															<img width="15" alt="Not reachable"
																src=""
															/>
															#elseif( !$analysis.isReachableConfirmed() )
															<img width="15" alt="Unknown"
																src=""
															/>
															#end
															<div class="top">
																<strong>Group: </strong>$analysis.getApp().getMvnGroup()<br/>
																<strong>Artifact: </strong> $analysis.getApp().getArtifact()<br/>
																<strong>Version: </strong>$analysis.getApp().getVersion()<br/>
																<strong>Scope: </strong>$analysis.getDep().getScope()<br />
																<strong>Transitive dependency: </strong>$analysis.getDep().getTransitive()
																#if( $exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsExceptionExcluded() )
																<br />A build exception for this finding was suppressed according to the goal configuration
																#end
															</div>
														</div>
														</li>
														#end
														#end
													</ol>
												</td>
												<td class="apps">
													<ol>
														#foreach( $analysis in $vul.analyses )
														#if( !$analysis.isNoneAffectedVersion())
														<li>
															<div class="tooltip">
																<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
																#if( $exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
																#elseif($exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #a5b452; font-weight: bold;"
																#else style="color: #393e41; font-weight: bold"
																#end target="_blank">
																	$analysis.getApp().getArtifact()
																</a>
															#if( $analysis.isTraced() )
															<img width="15" alt="Reached"
																src=""
															/>
																	<!-- <br/>
															When: $analysis.datetime-->
															#elseif( $analysis.isNotTraced() )
															<img width="15" alt="Not reached"
																src=""
															/>
															#elseif( !$analysis.isTracedConfirmed() )
															<img width="15" alt="Unknown"
																src=""
															/>
															#end
															<div class="top">
																<strong>Group: </strong>$analysis.getApp().getMvnGroup()<br/>
																<strong>Artifact: </strong> $analysis.getApp().getArtifact()<br/>
																<strong>Version: </strong>$analysis.getApp().getVersion()<br/>
																<strong>Scope: </strong>$analysis.getDep().getScope()<br />
																<strong>Transitive dependency: </strong>$analysis.getDep().getTransitive()
																#if( $exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsExceptionExcluded() )
																<br />A build exception for this finding was suppressed according to the goal configuration
																#end
															</div>
														</div>
														</li>
														#end
														#end
													</ol>
												</td>
											</tr>
										</table>
									</details>
									<br />
								</div>
								#end
							</details>
						</div>
						<div class="vulnerabilities">
							<details>
								<summary>
									<h2 style="display: inline-block;">Exempted Vulnerabilities ($vulnsBelowThreshold.size())</h2>
								</summary>
								#foreach( $vul in $vulnsBelowThreshold )
								<div class="vulnerability"
								#if     ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 9 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#e94f37"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 8 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#ed6f5b"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 7 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#fb8b24"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 6 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#fb9537"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 5 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#fba04b"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() ge 4 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#f4d35e"
								#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() lt 3 ) style="border-left-style:solid;border-left-width:15px;border-left-color:#bdd358"
								#else style="border-left-style:solid;border-left-width:15px;border-left-color:grey"
								#end >
									<details>
										<summary>
											<div class="vulnerability_summary">
												<div class="vulnerability_title">
													<h2>
														$vul.filename
													</h2>
													affected by
													<h2>
														#if( $vul.bug.getReference().isEmpty() )
														<a class="vulnerability_score_high" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=$vul.bug.getBugId()" target="_blank">$vul.bug.getBugId()</a>
														#else
														<a class="vulnerability_score_high" href="$vul.bug.getReference().iterator().next()" target="_blank">$vul.bug.getBugId()</a>
														#end
													</h2>
												</div>
											</div>
										</summary>
										<div>
											Archive Digest: $vul.archiveid
										</div>
										<div>
											CVSS Score:
											<span
												#if     ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 9.0 ) style="color:#e94f37;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 8.0 ) style="color:#ed6f5b;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 7.0 ) style="color:#fb8b24;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 6.0 ) style="color:#fb9537;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 5.0 ) style="color:#fba04b;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore().floatValue() ge 4.0 ) style="color:#f4d35e;font-weight:bold"
												#elseif ( $vul.bug.getCvssScore() && $vul.bug.getCvssScore() lt 3 ) style="color:#bdd358;font-weight:bold"
												#else style="color:grey;font-weight:bold"
												#end >
												$vul.bug.getCvssDisplayString()
											</span>
										</div>
										<br />
										<div>
											#if($vul.bug.getDescription())
												$vul.bug.getDescription()
											#end
											#if($vul.bug.getDescriptionAlt())
												$vul.bug.getDescriptionAlt()
											#end
										</div>
										<br />
										<table class="vulnerable_apps">
											<tr>
												<th>Includes vulnerable code</th>
												<th>Potentially executes vulnerable code</th>
												<th>Executes vulnerable code</th>
											</tr>
											<tr>
												<td class="apps">
													<ol>
														#foreach( $analysis in $vul.analyses )
														<li>
															<div class="tooltip">
																<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
																#if($exceptionThreshold=='dependsOn' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
																#elseif($exceptionThreshold=='dependsOn' && $analysis.isThrowsExceptionExcluded()) style="color: #e94f37; font-weight: bold;"
																#else style="color: #393e41; font-weight: bold"
																#end target="_blank">
																	$analysis.getApp().getArtifact()
																</a>
																#if( $analysis.isAffectedVersion() && $analysis.isAffectedVersionConfirmed() )
																<img width="15" alt="Vulnerable"
																	src=""
																/>
																#elseif( $analysis.isNoneAffectedVersion() )
																<img width="15" alt="Not vulnerable"
																	src=""
																/>
																#elseif( !$analysis.isAffectedVersionConfirmed() )
																<img width="15" alt="Unknown"
																	src=""
																/>
																#end
																<div class="top">
																	<strong>Group: </strong>$analysis.getApp().getMvnGroup()<br/>
																	<strong>Artifact: </strong> $analysis.getApp().getArtifact()<br/>
																	<strong>Version: </strong>$analysis.getApp().getVersion()<br/>
																	<strong>Scope: </strong>$analysis.getDep().getScope()<br />
																	<strong>Transitive dependency: </strong>$analysis.getDep().getTransitive()
																	#if( $exceptionThreshold=='dependsOn' && $analysis.isThrowsExceptionExcluded() )
																	<br />
																	<br /><strong>Exemption reason: </strong>$analysis.getExemption().getReason()
																	#end
																</div>
															</div>
															</li>
														#end
													</ol>
												</td>
												<td class="apps">
													<ol>
														#foreach( $analysis in $vul.analyses )
														#if( !$analysis.isNoneAffectedVersion())
														<li>
															<div class="tooltip">
															<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
															#if( $exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
															#elseif($exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #e94f37; font-weight: bold;"
															#else style="color: #393e41; font-weight: bold"
															#end target="_blank">
																$analysis.getApp().getArtifact()
															</a>
															#if( $analysis.isReachable() )
																<img width="15" alt="Reachable"
																src=""
															/>
															#elseif( $analysis.isNotReachable() )
															<img width="15" alt="Not reachable"
																src=""
															/>
															#elseif( !$analysis.isReachableConfirmed() )
															<img width="15" alt="Unknown"
																src=""
															/>
															#end
															<div class="top">
																<strong>Group: </strong>$analysis.getApp().getMvnGroup()<br/>
																<strong>Artifact: </strong> $analysis.getApp().getArtifact()<br/>
																<strong>Version: </strong>$analysis.getApp().getVersion()<br/>
																<strong>Scope: </strong>$analysis.getDep().getScope()<br />
																<strong>Transitive dependency: </strong>$analysis.getDep().getTransitive()
																#if( $exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsExceptionExcluded() )
																<br /><strong>Note: </strong>Above configuration settings suppressed a build exception for this finding
																#end
															</div>
														</div>
														</li>
														#end
														#end
													</ol>
												</td>
												<td class="apps">
													<ol>
														#foreach( $analysis in $vul.analyses )
														#if( !$analysis.isNoneAffectedVersion())
														<li>
															<div class="tooltip">
																<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
																#if( $exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
																#elseif($exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #e94f37; font-weight: bold;"
																#else style="color: #393e41; font-weight: bold"
																#end target="_blank">
																	$analysis.getApp().getArtifact()
																</a>
															#if( $analysis.isTraced() )
															<img width="15" alt="Reached"
																src=""
															/>
																	<!-- <br/>
															When: $analysis.datetime-->
															#elseif( $analysis.isNotTraced() )
															<img width="15" alt="Not reached"
																src=""
															/>
															#elseif( !$analysis.isTracedConfirmed() )
															<img width="15" alt="Unknown"
																src=""
															/>
															#end
															<div class="top">
																<strong>Group: </strong>$analysis.getApp().getMvnGroup()<br/>
																<strong>Artifact: </strong> $analysis.getApp().getArtifact()<br/>
																<strong>Version: </strong>$analysis.getApp().getVersion()<br/>
																<strong>Scope: </strong>$analysis.getDep().getScope()<br />
																<strong>Transitive dependency: </strong>$analysis.getDep().getTransitive()
																#if( $exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsExceptionExcluded() )
																<br /><strong>Note: </strong>Above configuration settings suppressed a build exception for this finding
																#end
															</div>
														</div>
														</li>
														#end
														#end
													</ol>
												</td>
											</tr>
										</table>
									</details>
									<br />
								</div>
								#end
							</details>
						</div>
					</div>
				</div>
			</div>
		</section>
	</div>
</body>
</html>
